Skip to content

[Deps] Safe dependency updates (2026-07-07) #5972

Description

@github-actions

Automated Safe Dependency Updates

This PR contains safe patch-level dependency updates verified to pass all tests.

Updated Dependencies

Package Previous Updated Type
@typescript-eslint/eslint-plugin 8.62.1 8.63.0 patch
@typescript-eslint/parser 8.62.1 8.63.0 patch
typescript-eslint 8.62.1 8.63.0 patch

Security Status

  • npm audit: 0 vulnerabilities (CRITICAL: 0, HIGH: 0, MODERATE: 0, LOW: 0)

Verification

  • npm audit — 0 vulnerabilities
  • All tests pass (3504/3505 passing; 1 pre-existing failure unrelated to these changes)
  • No breaking changes detected

Updates Skipped (major version — require manual review)

Package Current Latest Reason
chalk 4.1.2 5.6.2 ESM-only in v5
commander 12.1.0 15.0.0 Multiple breaking changes
execa 5.1.1 9.6.1 ESM-only in v9
js-yaml 4.3.0 5.2.1 API changes
typescript 5.9.3 6.0.3 Compiler changes
@babel/core 7.29.7 8.0.1 Major
@commitlint/* 20.5.3 21.x Major
eslint-plugin-security 3.0.1 4.0.1 Major

Generated by Dependency Security Monitor Workflow


Warning

Protected Files — Push Permission Denied

This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.

Protected files
  • package-lock.json
  • package.json

The push was rejected because GitHub Actions does not have workflows permission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission.

Create the pull request manually
# Download the patch from the workflow run
gh run download 28840174814 -n agent -D /tmp/agent-28840174814

# Create a new branch
git checkout -b deps/safe-updates-2026-07-07-f5a60768275328d1 main

# Apply the patch (--3way handles cross-repo patches)
git am --3way /tmp/agent-28840174814/aw-deps-safe-updates-2026-07-07.patch

# Push the branch and create the pull request
git push origin deps/safe-updates-2026-07-07-f5a60768275328d1
gh pr create --title '[Deps] Safe dependency updates (2026-07-07)' --base main --head deps/safe-updates-2026-07-07-f5a60768275328d1 --repo github/gh-aw-firewall

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by Dependency Security Monitor · 49.3 AIC · ⊞ 7.3K ·

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions